Add a trusted domain wizard

Adds a little button to the trusted domain warning, if an admin clicks on the warning he will be redirected to ownCloud and asked whether he want to trust this domain.

By far not the cleanest code, or clean at all, but does the job and I don't see a reason to make a lot of changes for this little improvement.
This commit is contained in:
Lukas Reschke 2014-08-21 22:22:35 +02:00
parent 52d5429768
commit 97b536e3df
5 changed files with 52 additions and 6 deletions

View File

@ -611,6 +611,10 @@ label.infield {
margin-left: -200px !important;
}
.error-wide .button {
color: black !important;
}
/* Fixes for log in page, TODO should be removed some time */
#body-login .update,
#body-login .error {

View File

@ -0,0 +1,19 @@
<?php /** @var $_ array */ ?>
<ul class="error-wide">
<li class='error'>
<?php p($l->t('You are accessing the server from an untrusted domain.')); ?><br/>
<p class='hint'>
<?php p($l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.')); ?>
<br/>
<?php p($l->t('Depending on your configuration, as an administrator you might also be able to use the button below to trust this domain.')); ?>
<br/><br/>
<p style="text-align:center;">
<a href="<?php print_unescaped(OC_Helper::makeURLAbsolute(\OCP\Util::linkToRoute('settings_admin'))); ?>?trustDomain=<?php p($_['domain']); ?>" class="button">
<?php p($l->t('Add "%s" as trusted domain', array($_['domain']))); ?>
</a>
</p>
</p>
</li>
</ul>

View File

@ -689,10 +689,9 @@ class OC {
) {
header('HTTP/1.1 400 Bad Request');
header('Status: 400 Bad Request');
OC_Template::printErrorPage(
$l->t('You are accessing the server from an untrusted domain.'),
$l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.')
);
$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
$tmpl->printPage();
return;
}

View File

@ -1,6 +1,6 @@
<?php
/**
* Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch>
* Copyright (c) 2013-2014, Lukas Reschke <lukas@owncloud.com>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
@ -8,6 +8,14 @@
OC_Util::checkAdminUser();
OCP\JSON::callCheck();
if(isset($_POST['enforceHTTPS'])) {
OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
}
if(isset($_POST['trustedDomain'])) {
$trustedDomains = OC_Config::getValue('trusted_domains');
$trustedDomains[] = $_POST['trustedDomain'];
OC_Config::setValue('trusted_domains', $trustedDomains);
}
echo 'true';

View File

@ -38,6 +38,22 @@ var SharingGroupList = {
};
$(document).ready(function(){
var params = OC.Util.History.parseUrlQuery();
// Hack to add a trusted domain
if (params.trustDomain) {
OC.dialogs.confirm(t('core', 'Are you really sure you want add "{domain}" as trusted domain?', {domain: params.trustDomain}),
t('core', 'Add trusted domain'), function(answer) {
if(answer) {
$.ajax({
type: 'POST',
url: OC.generateUrl('settings/ajax/setsecurity.php'),
data: { trustedDomain: params.trustDomain}
});
}
});
}
$('select#excludedGroups[multiple]').each(function (index, element) {
SharingGroupList.applyMultipleSelect($(element));